package com.rabbit.eap.framework.shiro.jwt;

import com.rabbit.eap.framework.shiro.cache.LoginRedisService;
import com.rabbit.eap.framework.shiro.vo.LoginSysUserRedisVO;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/**
 * @projectName eap
 * @packageName com.rabbit.eap.framework.shiro.jwt
 * @className JwtRealm
 * @author： rabbit
 * @version： 1.0
 * @since： 2020/4/19 20:18
 * <p>Description: JwtRealm
 * Shiro 授权认证
 * </p>

 */
@Slf4j
public class JwtRealm extends AuthorizingRealm {
    private LoginRedisService loginRedisService;

    public JwtRealm(LoginRedisService loginRedisService) {
        this.loginRedisService = loginRedisService;
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        return token != null && token instanceof JwtToken;
    }
    /**
     * @Description 授权认证,设置角色/权限信息
     * @methodName: doGetAuthorizationInfo
     * @param principalCollection:
     * @return: org.apache.shiro.authz.AuthorizationInfo
     * 授权的信息
     *
     * @throws:
     * @date: 2020/4/19 20:19
     * @author: rabbit
     *
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        log.debug("doGetAuthorizationInfo principalCollection...");
        // 设置角色/权限信息
        JwtToken jwtToken = (JwtToken) principalCollection.getPrimaryPrincipal();
        // 获取username
        String username = jwtToken.getUsername();
        // 获取登录用户角色权限信息
        LoginSysUserRedisVO loginSysUserRedisVo = loginRedisService.getLoginSysUserRedisVO(username);
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        // 设置角色
        authorizationInfo.setRoles(loginSysUserRedisVo.getRoleIds());
        // 设置权限
        authorizationInfo.setStringPermissions(loginSysUserRedisVo.getPermissions());
        return authorizationInfo;
    }
    /**
     * @Description 登录认证
     * @methodName: doGetAuthenticationInfo
     * @param authenticationToken:
     * @return: org.apache.shiro.authc.AuthenticationInfo
     * 认证的信息
     * @throws:
     * @date: 2020/4/19 20:20
     * @author: rabbit
     *
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        log.debug("doGetAuthenticationInfo authenticationToken...");
        // 校验token
        JwtToken jwtToken = (JwtToken) authenticationToken;
        if (jwtToken == null) {
            throw new AuthenticationException("jwtToken不能为空");
        }
        String salt = jwtToken.getSalt();
        if (StringUtils.isBlank(salt)) {
            throw new AuthenticationException("salt不能为空");
        }
        return new SimpleAuthenticationInfo(
                jwtToken,
                salt,
                getName()
        );
    }
}
